EP0926583A1 - System zur Steuerung der Ausführung von Software oder dergleichen - Google Patents

System zur Steuerung der Ausführung von Software oder dergleichen Download PDF

Info

Publication number
EP0926583A1
EP0926583A1 EP97203665A EP97203665A EP0926583A1 EP 0926583 A1 EP0926583 A1 EP 0926583A1 EP 97203665 A EP97203665 A EP 97203665A EP 97203665 A EP97203665 A EP 97203665A EP 0926583 A1 EP0926583 A1 EP 0926583A1
Authority
EP
European Patent Office
Prior art keywords
program
entitlement
local control
message
devices
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP97203665A
Other languages
English (en)
French (fr)
Inventor
Andrew Augustine Wajs
Johannes Antonius Hendricus Maria Becker
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Irdeto BV
Original Assignee
Irdeto BV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Irdeto BV filed Critical Irdeto BV
Priority to EP97203665A priority Critical patent/EP0926583A1/de
Publication of EP0926583A1 publication Critical patent/EP0926583A1/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008Public Key, Asymmetric Key, Asymmetric Encryption

Definitions

  • the present invention relates to a system for controlling the execution of a program or the like by a computer connected to a network, the system comprising a number of local controlling devices secured against unauthorized access.
  • the invention aims to provide an improved system of the above-mentioned type.
  • a system of the above-mentioned type comprises a number of local controlling devices secured against unauthorized access, each of said devices being connected to a corresponding computer, each of said devices comprising a processor, an address and means for communicating with the corresponding computer, and a central control unit connected to the network and comprising means for communicating with each of said local control devices through the network, wherein said control unit can forward an entitlement message to each of said local control devices, the entitlement message containing entitlement information regarding the use of the program, each of the local control devices controlling the use of the program in accordance with said entitlement information.
  • the entitlement message may contain information with respect to the maximum number of uses and/or a time period for use and/or the type of use.
  • control unit forwards an entitlement message with an authentication.
  • the computer 1 is connected to a network 2 in a manner not further shown.
  • This network may be a broadcast network or a bidirectional network, for example the Internet.
  • the system comprises a number of local controlling devices 3 which are secured against unauthorized access in a manner known per se.
  • Each of said devices 3 is connected to a corresponding computer 1, wherein the drawing only shows one computer 1 and one device 3.
  • the device 3 comprises a processor, a unique address and means for communicating with the corresponding computer 1 for example through a connection with a port of the computer 1.
  • the device 3 may be a PC card.
  • system comprises a central control unit 4 connected to the network 2 and comprising means for communicating with each of the local devices 3 through the network 2.
  • the central control unit 4 can forward an entitlement message to each of the local control devices 3 through the network 2.
  • the entitlement message contains an address to indicate to a specific local control device that this message is intended for this device. Further the entitlement is encrypted using a public key algorithm, for example and includes an authentication to ensure that the message is not tampered with.
  • the local control device 3 decrypts the entitlement message using its private key, at least this private key being stored in a secure manner.
  • the entitlement message contains entitlement information, such as the maximum number of uses and/or a time period for use and/or the type of use for the program. If desired, the entitlement message may contain update information providing new keys for future use.
  • the entitlement information is stored within the secure part of the device 3. Of course, an entitlement message can also contain information instructing the processor to delete earlier forwarded entitlement information.
  • the program will pass an authenticated message to the local control device 3, wherein the processor of the device 3 processes this message in order to obtain a response which is returned to the program.
  • the program will expect a particular response and if the response is not correct, execution of the program will be stopped.
  • the response may be a fixed response or a response based on a zero-knowledge protocol or some other protocol.
  • the authenticated message provided by the program to the local control device 3 may contain entitlement information either previously stored in the program or received from the central control unit 4 through the network 2.
  • This entitlement may be in the form of a time period during which the program may be used.
  • a further possibility is to store a predetermined number of times during which the program may be used and each time a program is actually used, the number is decreased by one. Of course combinations of time periods and number of times are possible.
  • the system of the invention provides a very flexible control on the use of a program.
  • the program may be any type of program such as a computer program, a film or any other data of interest to a user. Therefore, the wording "execution of a program" in this specification encompasses each use of a program, film, data or the like in a computer.
  • entitlement message is both encrypted and authenticated
  • the local control device 3 will either only check the authentication or decrypt the entitlement message.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
EP97203665A 1997-11-24 1997-11-24 System zur Steuerung der Ausführung von Software oder dergleichen Withdrawn EP0926583A1 (de)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP97203665A EP0926583A1 (de) 1997-11-24 1997-11-24 System zur Steuerung der Ausführung von Software oder dergleichen

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP97203665A EP0926583A1 (de) 1997-11-24 1997-11-24 System zur Steuerung der Ausführung von Software oder dergleichen

Publications (1)

Publication Number Publication Date
EP0926583A1 true EP0926583A1 (de) 1999-06-30

Family

ID=8228961

Family Applications (1)

Application Number Title Priority Date Filing Date
EP97203665A Withdrawn EP0926583A1 (de) 1997-11-24 1997-11-24 System zur Steuerung der Ausführung von Software oder dergleichen

Country Status (1)

Country Link
EP (1) EP0926583A1 (de)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1990013865A1 (en) * 1989-04-28 1990-11-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5103476A (en) * 1990-11-07 1992-04-07 Waite David P Secure system for activating personal computer software at remote locations
WO1993001550A1 (en) * 1991-07-01 1993-01-21 Infologic Software, Inc. License management system and method
WO1997004412A2 (en) * 1995-07-19 1997-02-06 Cable Television Laboratories, Inc. Method for protecting publicly distributed software

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1990013865A1 (en) * 1989-04-28 1990-11-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5103476A (en) * 1990-11-07 1992-04-07 Waite David P Secure system for activating personal computer software at remote locations
WO1993001550A1 (en) * 1991-07-01 1993-01-21 Infologic Software, Inc. License management system and method
WO1997004412A2 (en) * 1995-07-19 1997-02-06 Cable Television Laboratories, Inc. Method for protecting publicly distributed software

Similar Documents

Publication Publication Date Title
US4723284A (en) Authentication system
US5949881A (en) Apparatus and method for cryptographic companion imprinting
EP0752635B1 (de) System und Verfahren zur transparenten Integrierung von verschlüsselten Funktionen von einer IC-Karte mit kryptographischen Diensten auf Basis des Hauptrechners
RU2399087C2 (ru) Безопасное хранение данных с защитой целостности
CA2313851C (en) Securing feature activation in a telecommunication system
US6895502B1 (en) Method and system for securely displaying and confirming request to perform operation on host computer
US6317829B1 (en) Public key cryptography based security system to facilitate secure roaming of users
US6393565B1 (en) Data management system and method for a limited capacity cryptographic storage unit
US6684198B1 (en) Program data distribution via open network
US20030149666A1 (en) Personal authentication system
US8769307B2 (en) Secure operation indicator
EP0781427B1 (de) Gesichertes rechnernetzwerk
US20030191946A1 (en) System and method controlling access to digital works using a network
JP2003087238A (ja) 家庭内ネットワークにおけるセキュリティ実現方式
US5588059A (en) Computer system and method for secure remote communication sessions
WO1997004412A2 (en) Method for protecting publicly distributed software
EP0888677A1 (de) Authentifizierungssystem basierend auf einem periodischen challenge-response-protokoll
US7472123B2 (en) Server device, communication device, and program for managing contents usage
WO1996008756A9 (en) Secure computer network
US7796762B2 (en) Communication system, common key control apparatus, and general communication apparatus
US8086849B2 (en) Secure internet-scale eventing
EP1194869A4 (de) Technik zur sicheren fern-konfiguration eines systems
EP0926583A1 (de) System zur Steuerung der Ausführung von Software oder dergleichen
JP2001344216A (ja) 記録制限情報付メモリーカードを用いたダウンロードシステム
BE1003693A6 (fr) Systeme de securite pour systeme informatique.

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

AKX Designation fees paid
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 19991231

REG Reference to a national code

Ref country code: DE

Ref legal event code: 8566